AMENDMENTS TO THE CLAIMS 

Please amend the claims as follows: 

1. (Presently Twice Amended) A method for use in cable systems, the method 
for forwarding messages containing cryptographic keys from muhiple conditional access 
sytems that control a population of set-top boxes to an encryption renewal system, the 
method comprising: 

storing a single fictitious address of a virtual set-top box, said fictitious 
address being identical for each of said multiple conditional access systems; 

generating a unique key within each of said multiple conditional access 
systems as a funtion function of the identity of each particular muhiple conditional access 
system; 

encrypting said unique key for each of said muhiple conditional access 

systems; and 

encapsulating each of said encrypted unique keys in a message encoded to be 
forwarded to said single fictitious address. 

2. (Previously Amended) The method of claim 1 further comprising receiving 
the encoded message by the encryption renewal system which has information regarding the 
fictitious address. 

3. (Presently Twice Amended) The method of claim 1 further comprising 
deriving by the encryption renewal system the unique first cryptographic key from the 
encoded message. 



4. (Presently Twice Amended) The method of claim 1 further comprising 
forwarding to a subscriber set-top box, a control message containing information having the 
unique first cr>^prographic key for allowing the set-top box to decrypt pre-encrypted content 
for a designated duration. 



5-21. (Previously Canceled) 



23. (Not Elected) The system of claim 22 wherein the request is for an 
entitlement control message having information about a periodical key for 
accessing the second pre-encrypted content. 

24. (Not Elected) An encryption renewal system for controlling access to pre- 
encrypted content generated by an encryption device, the system comprising: 

one or more software instructions for receiving a request to retrofit an 
entitlement control message that allows a home device to access pre-encrypted content; 

one or more software instructions for retrofitting the entitlement control 
message only after verifying that the pre-encrypted content was generated prior to or 
contemporaneous with a first authorized timestamp. 

25. (Not Elected) The encryption renewal system of claim 24 wherein the 
request for the entitlement control message is accompanied by an encryption record having a 
second time stamp. 

26. (Not Elected) The encryption renewal system of claim 25 wherein the 
second time stamp indicates when the pre-encrypted content was generated. 

27. (Not Elected) An encryption renewal system for controlling access to pre- 
encrypted content generated by an encryption device, the system comprising: 

means for receiving a request for an entitlement control message that allows a 
home device to access pre-encrypted content; 

means for generating the entitlement control message only after verifying that 
the pre-encrypted content was generated prior to or contemporaneous with a first authorized 
timestamp. 



28. (Not Elected) The encryption renewal system of claim 22 wherein the first 
encryption record is secured by a cryptographic signature. 

29. (Not Elected) An offline encryption device comprising: 

one or more software instructions for generating a first time stamp marking 
when a first encrypted content is generated; and 

one or more software instructions for generating a second time stamp marking 
when a second encrypted content is generated, such that if the first time stamp is last 
authorized, the second encrypted content is decrypt-able only if the second time stamp is 
prior to or contemporaneous with the first time stamp. 

30. (Not Elected) The system of claim 29 further comprising one or more 
software instructions for generating an encryption record having the first time stamp. 

31. (Not Elected) The system of 29 further comprising an encryption renewal 
system for receiving a signal providing that the first time stamp is the last authorized time 
stamp. 

32. (Not Elected) The system of claim 30 further comprising a video on 
demand system for forwarding a request to the encryption renewal system to access the 
second encrypted content. 

33. (Not Elected) The system of claim 32 wherein the request is for an 
entitlement control message for retrofitting the second encrypted content. 

34. (Not Elected) An offline encryption device comprising: 

means for generating a first time stamp marking when a first encrypted content 
is generated; and 

means for generating for generating a second time stamp marking when a 
second encrypted content is generated, such that if the first time stamp is last authorized, the 
second encrypted content is decrypt-able only if the second time stamp is prior to or 
contemporaneous with the first time stamp. 

35. (Not Elected) The system of claim 29 further comprising means for 
generating an encryption record having the first time stamp. 



